PHP Logout with Cookies and Sesssions

Asked

Viewed 1,901 times

0

I’m having a problem when it comes to logout on my site, because when I only use Sesssions it logout normally, but when I use Sesssions and cookies to remind the user, I need to leave twice, sometimes even more, like I’m on the user’s page and I click out, it recharges and still continues with the user, I click exit again ai yes it leaves the user.

The button calling the logout function:

 <li><a href="javascript:void(0)" onclick="deslogar()">Desconectar</a></li>

JS function:

     function deslogar(){
    $.post('/', {
        sair:'sair'
    });
    document.location.href="/";
}

PHP function that will call Function logout:

if(isset($_POST['sair'])){
        $logar = new SistemaLogin;
        $logar ->desconectar();
    }

Function logout php:

public function desconectar(){
        SistemaLogin::excluirCookies();
            session_destroy();
            header("Location: /cadastro_prof");
    }

Function to delete cookies:

private function excluirCookies(){
            setcookie("email", "", time() - $this->tempo_cookie);
            setcookie('password', "", time() - $this->tempo_cookie);
            setcookie("tp_usuario", "", time() - $this->tempo_cookie);  
}

I create the Sesssions and cookies so if the user does not want to save his login, the system creates only the Sesssions, if not he creates the Sesssions and cookies:

private function criarSessions($pri_nm, $email, $senha, $tp_usuario){
        $_SESSION['pri_nome'] = $pri_nm;
        $_SESSION['email'] = $email;
        $_SESSION['senha'] = $senha;
        $_SESSION['tp_usuario'] = $tp_usuario;
        $this->registrarLog();
    }

    private function criarCookies($email, $password, $tp_usuario){
         setcookie("email", $email, time()+$this->tempo_cookie, "/");
         setcookie('password', $password, time()+$this->tempo_cookie,"/");
         setcookie("tp_usuario", $tp_usuario, time()+$this->tempo_cookie, "/");
    }


    if($this->manter_online == 'sim'){
                        $this->criarCookies($this->email, $this->senha, $this->tp_usuario);
                        $this->criarSessions($this->pri_nm, $this->email, $this->senha, $this->tp_usuario);
                    }else{
                        $this->criarSessions($this->pri_nm, $this->email, $this->senha, $this->tp_usuario);
                    }

I put the deadline on 1 year cookies, and if you leave it subtracts the same.

  • What is that sair: 'sair' in its first function? Wouldn’t it be data: ?

  • it creates a post with the name come out, put the value out, but this does not affect anything, because php is only picking up if the 'go out' variable exists. i create the post and reload the page for php to grab the file.

  • if I’m not mistaken the date we use in ajax, then you can create a post with any name.

  • The method excluirCookies() is running normal? Put a excluirCookies(){ exit('Chegou no excluirCookies');.

  • It is deleting cookies yes, if I put an Exit in the excluirCookies() function, it will not run session_destroy. I checked on cookies saved on Chrome when I first log out, it shows that cookies are valid until the end of that section. but how to kill cookies and their session?

  • Is giving a refresh on the page after the method?

  • So I put PHP to do this, but it still goes on like this. I think that so due to the first time I delete the Sesssions and the cookies, the cookie itself create its Sesssions, call the function again, it no longer erases the cookies, because it no longer has any more and deletes the Sesssions left by the cookie.

Show 2 more comments

2 answers

0


Our found out what it was, I created a Class systemLogin, and a Function excluirCookies private and another public disconnect, I was called a function from within the class as follows: Systemlogin::excluirCookies(); I put it like this: $this-> excluirCookies(); and it worked, dirty that right. I spent last night trying to figure out what it was.

0

Put the refresh page after the return of AJAX:

function deslogar(){
    $.post('/', {
        sair:'sair'
    }, function(data){
       if (window.location.origin == undefined)
          window.location.origin = '//' + window.location.host;
       document.location.href = window.location.origin;
    }, function(x,y,z){
       alert('Não foi possível sair');
       console.log(x,y,z);
    });
}

Make sure the cookies will be cleaned:

private function excluirCookies(){
    unset($_COOKIE['email']);
    unset($_COOKIE['password']);
    unset($_COOKIE['tp_usuario']);
    setcookie('email', null, -1, '/');
    setcookie('password', null, -1, '/');
    setcookie('tp_usuario', null, -1, '/');  
}

Delete Coockies

I noticed that you store the password in a cookie and that’s a terrible practice, cookies can be stolen easily. Here’s a question and an excellent answer on how Safely remember user.

  • I use password encryption, I use sha512, it’s still not safe?

  • I’ll try that method, thank you very much for the help!

Browser other questions tagged

You are not signed in. Login or sign up in order to post.